CVE-2010-2545 – cacti: XSS via various object names or descriptions
https://notcve.org/view.php?id=CVE-2010-2545
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to templates_import.php; and allow remote authenticated administrators to inject arbitrary web script or HTML via vectors related to (2) cdef.php, (3) data_input.php, (4) data_queries.php, (5) data_sources.php, (6) data_templates.php, (7) gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php, (11) graph_templates_inputs.php, (12) graph_templates_items.php, (13) graph_templates.php, (14) graph_view.php, (15) host.php, (16) host_templates.php, (17) lib/functions.php, (18) lib/html_form.php, (19) lib/html_form_template.php, (20) lib/html.php, (21) lib/html_tree.php, (22) lib/rrd.php, (23) rra.php, (24) tree.php, and (25) user_admin.php. Múltiples vulnerabilidades de ejecución de comandos en sitios crtuzados (XSS) en Cacti antes de v0.8.7g, tal como se utiliza en Red Hat High Performance Computing (HPC) Solution y otros productos, permite a atacantes remotos inyectar HTML o secuencias de comandos web a través del (1) elemento name en una plantilla XML para templates_import.php. También permite a los administradores remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores relacionados con (2) cdef.php, (3) data_input.php, (4) data_queries.php, (5) data_sources. php, (6) data_templates.php, (7) gprint_presets.php, (8) graph.php, (9) graphs_new.php, (10) graphs.php, (11) graph_templates_inputs.php, (12) graph_templates_items.php , (13) graph_templates.php, (14) graph_view.php, (15) host.php, (16) host_templates.php, (17) lib/functions.php, (18) lib/html_form.php, (19) lib/html_form_template.php, (20) lib/html.php, (21) lib/html_tree.php, (22) lib/rrd.php, (23) rra.php, (24) tree.php, y (25) user_admin.php. • http://cacti.net/release_notes_0_8_7g.php http://marc.info/?l=oss-security&m=127978954522586&w=2 http://marc.info/?l=oss-security&m=128017203704299&w=2 http://secunia.com/advisories/41041 http://svn.cacti.net/viewvc?view=rev&revision=6037 http://svn.cacti.net/viewvc?view=rev&revision=6038 http://svn.cacti.net/viewvc? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2010-2092 – cacti: graph.php rra_id SQL injection vulnerability (MOPS-2010-023)
https://notcve.org/view.php?id=CVE-2010-2092
SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query. Vulnerabilidad de inyección SQL en graph.php en Cacti v0.8.7e y anteriores permite a atacntes remotos ejecutar comandos SQL de su elección a través del parámetro rra_id en una petición GET en conjunción con un valor rra_id válido en una petición POST o una cooki, que supera la rutina de validación. • http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html http://secunia.com/advisories/41041 http://www.cacti.net/changelog.php http://www.debian.org/security/2010/dsa-2060 http://www.vupen.com/english/advisories/2010/2132 https://rhn.redhat.com/errata/RHSA-2010-0635.html https://access.redhat.com/security/cve/CVE-2010-2092 https://bugzilla.redhat.com/show_bug.cgi?id=609076 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2010-1431 – Cacti 0.8.7e - SQL Injection
https://notcve.org/view.php?id=CVE-2010-1431
SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter. Vulnerabilidad de inyección SQL en templates_export.php en Cacti v0.8.7e y anteriores permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro export_item_id. • https://www.exploit-db.com/exploits/12338 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://seclists.org/fulldisclosure/2010/Apr/272 http://secunia.com/advisories/39568 http://secunia.com/advisories/39572 http://secunia.com/advisories/41041 http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch http://www.debian.org/security/2010/dsa-2039 http://www.exploit-d • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2009-4112 – Joomla! Component ProofReader 1.0 RC9 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands. Cacti v0.8.7e y anteriores permite a administradores remotos autenticados obtener privilegios modificando el "Data Input Method" (método de entrada de datos) para la opción "Linux - Get Memory Usage" (Linux - obtener utilización de la memoria) para contener comandos de su elección. • https://www.exploit-db.com/exploits/33377 http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html http://www.openwall.com/lists/oss-security/2009/11/26/1 http://www.openwall.com • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-4032 – Cacti 0.8.x - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-4032
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_settings.php, as demonstrated by the (a) graph_end or (b) graph_start parameters to graph.php; (c) the date1 parameter in a tree action to graph_view.php; and the (d) page_refresh and (e) default_dual_pane_width parameters to graph_settings.php. Múltiples vulnerabilidades de XSS en Cacti 0.8.7e permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores relacionados con (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php y (4) lib/timespan_settings.php, como es demostrado por los parámetros (a) graph_end o (b) graph_start a graph.php; (c) el parámetro date1 en una acción tree a graph_view.php; y los parámetros (d) page_refresh y (e) default_dual_pane_width a graph_settings.php. Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities. • https://www.exploit-db.com/exploits/33374 https://www.exploit-db.com/exploits/10234 http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html http://bugs.gentoo.org/show_bug.cgi?id=294573 http://docs.cacti.net/#cross-site_scripting_fixes http://jvn.jp/en/jp/JVN09758120/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html http://secunia.com/advisories/37481 http://secunia.com/advisories/37934 http://secunia.com/advisories/38087 http: • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •